
v3_akey.c

Absolute File Name:/home/opencoverage/opencoverage/guest-scripts/libressl/src/crypto/x509v3/v3_akey.c
1/* $OpenBSD: v3_akey.c,v 1.19 2017/01/29 17:49:23 beck Exp $ */-
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL-
3 * project 1999.-
4 */-
5/* ====================================================================-
6 * Copyright (c) 1999 The OpenSSL Project. All rights reserved.-
7 *-
8 * Redistribution and use in source and binary forms, with or without-
9 * modification, are permitted provided that the following conditions-
10 * are met:-
11 *-
12 * 1. Redistributions of source code must retain the above copyright-
13 * notice, this list of conditions and the following disclaimer.-
14 *-
15 * 2. Redistributions in binary form must reproduce the above copyright-
16 * notice, this list of conditions and the following disclaimer in-
17 * the documentation and/or other materials provided with the-
18 * distribution.-
19 *-
20 * 3. All advertising materials mentioning features or use of this-
21 * software must display the following acknowledgment:-
22 * "This product includes software developed by the OpenSSL Project-
23 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"-
24 *-
25 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to-
26 * endorse or promote products derived from this software without-
27 * prior written permission. For written permission, please contact-
28 * licensing@OpenSSL.org.-
29 *-
30 * 5. Products derived from this software may not be called "OpenSSL"-
31 * nor may "OpenSSL" appear in their names without prior written-
32 * permission of the OpenSSL Project.-
33 *-
34 * 6. Redistributions of any form whatsoever must retain the following-
35 * acknowledgment:-
36 * "This product includes software developed by the OpenSSL Project-
37 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"-
38 *-
39 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY-
40 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE-
41 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR-
42 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR-
43 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,-
44 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT-
45 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;-
46 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)-
47 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,-
48 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)-
49 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED-
50 * OF THE POSSIBILITY OF SUCH DAMAGE.-
51 * ====================================================================-
52 *-
53 * This product includes cryptographic software written by Eric Young-
54 * (eay@cryptsoft.com). This product includes software written by Tim-
55 * Hudson (tjh@cryptsoft.com).-
56 *-
57 */-
58-
59#include <stdio.h>-
60#include <string.h>-
61-
62#include <openssl/asn1.h>-
63#include <openssl/asn1t.h>-
64#include <openssl/conf.h>-
65#include <openssl/err.h>-
66#include <openssl/x509v3.h>-
67-
/*
 * The two conversion callbacks are defined further down in this file; they
 * are declared here so the method table below can reference them.
 */
static STACK_OF(CONF_VALUE) *i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
    AUTHORITY_KEYID *akeyid, STACK_OF(CONF_VALUE) *extlist);
static AUTHORITY_KEYID *v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method,
    X509V3_CTX *ctx, STACK_OF(CONF_VALUE) *values);

/*
 * Extension method table for the authorityKeyIdentifier extension.
 *
 * Only the ASN.1 item and the i2v/v2i callbacks are populated.  Every other
 * member (ext_new, ext_free, d2i, i2d, i2s, s2i, i2r, r2i, usr_data) is left
 * out of the initializer and is therefore a null pointer, exactly as if it
 * had been written out as NULL.
 *
 * NOTE(review): the callbacks are stored through explicit casts, which
 * suggests their prototypes differ from the table's function-pointer types
 * -- confirm against x509v3.h.  Calling through a mismatched function-pointer
 * type is undefined behaviour in C and is rejected by control-flow-integrity
 * schemes that check indirect-call signatures.
 */
const X509V3_EXT_METHOD v3_akey_id = {
	/* Which extension this table describes and how it is printed. */
	.ext_nid = NID_authority_key_identifier,
	.ext_flags = X509V3_EXT_MULTILINE,

	/* ASN.1 template for the decoded structure. */
	.it = &AUTHORITY_KEYID_it,

	/* Structure <-> name/value list conversions. */
	.i2v = (X509V3_EXT_I2V)i2v_AUTHORITY_KEYID,
	.v2i = (X509V3_EXT_V2I)v2i_AUTHORITY_KEYID,
};
89-
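/*
 * Render a decoded authorityKeyIdentifier as a list of name/value pairs.
 *
 * Emits, in this order and only for the members that are present:
 *   "keyid"  - hex dump of akeyid->keyid
 *   the entries produced by i2v_GENERAL_NAMES() for akeyid->issuer
 *   "serial" - hex dump of akeyid->serial
 *
 * method  - unused.
 * akeyid  - structure to render; must not be NULL.
 * extlist - list to append to, or NULL.
 *
 * Returns the resulting list (NULL if extlist was NULL and no member was
 * present), or NULL on failure.
 *
 * The hex conversion and the list insertion can both fail.  Their results
 * used to be ignored, so a failure produced a list that silently lacked the
 * key identifier or the serial number.  A failure is now reported to the
 * caller, so a partially rendered identifier is not shown as if complete.
 *
 * On failure a list supplied by the caller is left for the caller to
 * release; a list created during this call is released here.
 *
 * Coverage: the report this listing comes from records every statement and
 * branch of this function as never executed.
 */
static STACK_OF(CONF_VALUE) *
i2v_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, AUTHORITY_KEYID *akeyid,
    STACK_OF(CONF_VALUE) *extlist)
{
	/* Remember who owns the list so the error path frees only our own. */
	const int caller_list = (extlist != NULL);
	char *hex = NULL;

	if (akeyid->keyid != NULL) {
		hex = hex_to_string(akeyid->keyid->data,
		    akeyid->keyid->length);
		if (hex == NULL || !X509V3_add_value("keyid", hex, &extlist))
			goto err;
		free(hex);
		hex = NULL;
	}

	/*
	 * NOTE(review): the result is taken as-is, as before; whether
	 * i2v_GENERAL_NAMES() can return NULL on failure, and what it does
	 * with the list it was given in that case, is not visible from this
	 * file -- confirm before adding a check here.
	 */
	if (akeyid->issuer != NULL)
		extlist = i2v_GENERAL_NAMES(NULL, akeyid->issuer, extlist);

	if (akeyid->serial != NULL) {
		hex = hex_to_string(akeyid->serial->data,
		    akeyid->serial->length);
		if (hex == NULL || !X509V3_add_value("serial", hex, &extlist))
			goto err;
		free(hex);
		hex = NULL;
	}

	return extlist;

err:
	free(hex);
	/*
	 * NOTE(review): assumes a failed X509V3_add_value() leaves *extlist
	 * either valid or NULL -- confirm against the helper in this tree.
	 */
	if (!caller_list)
		sk_CONF_VALUE_pop_free(extlist, X509V3_conf_free);
	return NULL;
}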
111-
/* Currently two options:
 * keyid: use the issuer's subject keyid, the value 'always' means it is
 * an error if the issuer certificate doesn't have a key id.
 * issuer: use the issuer certificate's issuer and serial number. The
 * default is to only use this if keyid is not present. With the option
 * 'always' this is always included.
 */
119-
/*
 * Build an AUTHORITY_KEYID from configuration options and the issuer
 * certificate held in ctx.
 *
 * method - unused.
 * ctx    - extension context; ctx->issuer_cert supplies the key identifier,
 *          issuer name and serial number.
 * values - option list; only "keyid" and "issuer" are accepted, each with
 *          an optional value of "always".
 *
 * Returns a new AUTHORITY_KEYID, or NULL on error.  When there is no issuer
 * certificate and ctx->flags equals CTX_TEST, an empty structure is returned
 * instead.
 *
 * Review notes:
 *  - An option that is given more than once takes its last occurrence:
 *    "keyid:always" followed by a plain "keyid" ends up non-mandatory.
 *  - cnf->name is passed to strcmp() unchecked; presumably the config
 *    parser never yields a NULL name -- verify against the caller.
 *  - The early "return NULL" paths run before anything has been allocated
 *    (the mandatory-keyid failure is only taken while the decoded key
 *    identifier is still NULL), so they need no cleanup.
 *  - Coverage: the report this listing comes from records every statement
 *    and branch of this function as never executed.
 */
static AUTHORITY_KEYID *
v2i_AUTHORITY_KEYID(X509V3_EXT_METHOD *method, X509V3_CTX *ctx,
    STACK_OF(CONF_VALUE) *values)
{
	/* 0 = not requested, 1 = requested, 2 = requested with "always". */
	int keyid_mode = 0, issuer_mode = 0;
	int idx, pos, always;
	CONF_VALUE *opt;
	X509 *issuer_cert;
	X509_EXTENSION *skid_ext;
	ASN1_OCTET_STRING *skid = NULL;
	X509_NAME *issuer_name = NULL;
	ASN1_INTEGER *issuer_serial = NULL;
	STACK_OF(GENERAL_NAME) *names = NULL;
	GENERAL_NAME *dirname = NULL;
	AUTHORITY_KEYID *result = NULL;

	/* Pass 1: read the requested options. */
	for (idx = 0; idx < sk_CONF_VALUE_num(values); idx++) {
		opt = sk_CONF_VALUE_value(values, idx);
		always = opt->value != NULL &&
		    strcmp(opt->value, "always") == 0;

		if (strcmp(opt->name, "keyid") == 0) {
			keyid_mode = always ? 2 : 1;
		} else if (strcmp(opt->name, "issuer") == 0) {
			issuer_mode = always ? 2 : 1;
		} else {
			X509V3error(X509V3_R_UNKNOWN_OPTION);
			ERR_asprintf_error_data("name=%s", opt->name);
			return NULL;
		}
	}

	/* Without an issuer certificate there is nothing to copy from. */
	if (ctx == NULL) {
		X509V3error(X509V3_R_NO_ISSUER_CERTIFICATE);
		return NULL;
	}
	if (ctx->issuer_cert == NULL) {
		if (ctx->flags == CTX_TEST)
			return AUTHORITY_KEYID_new();
		X509V3error(X509V3_R_NO_ISSUER_CERTIFICATE);
		return NULL;
	}
	issuer_cert = ctx->issuer_cert;

	/* Key identifier: decoded from the issuer's subjectKeyIdentifier. */
	if (keyid_mode != 0) {
		pos = X509_get_ext_by_NID(issuer_cert,
		    NID_subject_key_identifier, -1);
		if (pos >= 0) {
			skid_ext = X509_get_ext(issuer_cert, pos);
			if (skid_ext != NULL)
				skid = X509V3_EXT_d2i(skid_ext);
		}
		if (skid == NULL && keyid_mode == 2) {
			X509V3error(X509V3_R_UNABLE_TO_GET_ISSUER_KEYID);
			return NULL;
		}
	}

	/*
	 * Issuer name and serial: always with "issuer:always", otherwise only
	 * as a fallback when no key identifier was obtained.
	 */
	if (issuer_mode == 2 || (issuer_mode != 0 && skid == NULL)) {
		issuer_name = X509_NAME_dup(X509_get_issuer_name(issuer_cert));
		issuer_serial =
		    ASN1_INTEGER_dup(X509_get_serialNumber(issuer_cert));
		if (issuer_name == NULL || issuer_serial == NULL) {
			X509V3error(X509V3_R_UNABLE_TO_GET_ISSUER_DETAILS);
			goto err;
		}
	}

	result = AUTHORITY_KEYID_new();
	if (result == NULL)
		goto err;

	/* Wrap the issuer name in a one-element GENERAL_NAMES stack. */
	if (issuer_name != NULL) {
		names = sk_GENERAL_NAME_new_null();
		if (names != NULL)
			dirname = GENERAL_NAME_new();
		if (names == NULL || dirname == NULL ||
		    !sk_GENERAL_NAME_push(names, dirname)) {
			X509V3error(ERR_R_MALLOC_FAILURE);
			goto err;
		}
		/*
		 * Only now does the name belong to the GENERAL_NAME; up to
		 * this point the error path may free both separately.
		 */
		dirname->type = GEN_DIRNAME;
		dirname->d.dirn = issuer_name;
	}

	/* Hand everything over to the result. */
	result->issuer = names;
	result->serial = issuer_serial;
	result->keyid = skid;

	return result;

err:
	/*
	 * Reached only before any object was attached to another one (a
	 * failed push leaves dirname outside the stack), so each is released
	 * individually.
	 */
	AUTHORITY_KEYID_free(result);
	GENERAL_NAME_free(dirname);
	sk_GENERAL_NAME_free(names);
	X509_NAME_free(issuer_name);
	ASN1_INTEGER_free(issuer_serial);
	ASN1_OCTET_STRING_free(skid);
	return NULL;
}